When you build an app
for any project
there’s one main place to go
Amazon Web Services
gives you all the tools
as every dev should know

Affordable
extensible
and manageable indeed
Servers, storage
and scaling plans
it has everything you need

But is it secure
or do you know
how to configure the settings right
There are many options
and permissions too
what you need is more insight

CloudSploit scans
and will deliver
automated reports
Of every setting
and access point
with best practices it exhorts

CloudSploit is a beacon of light amid an industry awash in highly optimized pricing plans. An open source project spearheaded by founders Matthew Fuller and Josh Rosenthal, its AWS tests represent the contributed work of developers around the world. The metadata-only scans use the principle of least privilege accessing only as much of the system as required. It uses read-only permissions and stores just the information needed to provide actionable results. The reports contain not only the results of the full test suite but also tangible recommendations on how to properly configure your system. CloudSploit holds to the values that got them to where they are making their free AWS security scans available to all. They’d rather all AWS servers be secured and properly configured than attempt to optimize every last iota of their pricing model. Upgrading gives the benefit of automating the scans and other more advanced options.